Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@less:~# cat /etc/security/limits.conf
- # /etc/security/limits.conf
- #
- #Each line describes a limit for a user in the form:
- #
- #<domain> <type> <item> <value>
- #
- #Where:
- #<domain> can be:
- # - an user name
- # - a group name, with @group syntax
- # - the wildcard *, for default entry
- # - the wildcard %, can be also used with %group syntax,
- # for maxlogin limit
- # - NOTE: group and wildcard limits are not applied to root.
- # To apply a limit to the root user, <domain> must be
- # the literal username root.
- #
- #<type> can have the two values:
- # - "soft" for enforcing the soft limits
- # - "hard" for enforcing hard limits
- #
- #<item> can be one of the following:
- # - core - limits the core file size (KB)
- # - data - max data size (KB)
- # - fsize - maximum filesize (KB)
- # - memlock - max locked-in-memory address space (KB)
- # - nofile - max number of open files
- # - rss - max resident set size (KB)
- # - stack - max stack size (KB)
- # - cpu - max CPU time (MIN)
- # - nproc - max number of processes
- # - as - address space limit (KB)
- # - maxlogins - max number of logins for this user
- # - maxsyslogins - max number of logins on the system
- # - priority - the priority to run user process with
- # - locks - max number of file locks the user can hold
- # - sigpending - max number of pending signals
- # - msgqueue - max memory used by POSIX message queues (bytes)
- # - nice - max nice priority allowed to raise to values: [-20, 19]
- # - rtprio - max realtime priority
- # - chroot - change root to directory (Debian-specific)
- #
- #<domain> <type> <item> <value>
- #
- #* soft core 0
- #root hard core 100000
- #* hard rss 10000
- #@student hard nproc 20
- #@faculty soft nproc 20
- #@faculty hard nproc 50
- #ftp hard nproc 0
- #ftp - chroot /ftp
- #@student - maxlogins 4
- * hard memlock 20480
- # End of file
- root@less:~# cat /etc/pam.d/common-session
- #
- # /etc/pam.d/common-session - session-related modules common to all services
- #
- # This file is included from other service-specific PAM config files,
- # and should contain a list of modules that define tasks to be performed
- # at the start and end of sessions of *any* kind (both interactive and
- # non-interactive).
- #
- # As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
- # To take advantage of this, it is recommended that you configure any
- # local modules either before or after the default block, and use
- # pam-auth-update to manage selection of other modules. See
- # pam-auth-update(8) for details.
- # here are the per-package modules (the "Primary" block)
- session [default=1] pam_permit.so
- # here's the fallback if no module succeeds
- session requisite pam_deny.so
- # prime the stack with a positive return value if there isn't one already;
- # this avoids us returning an error just because nothing sets a success code
- # since the modules above will each just jump around
- session required pam_permit.so
- # and here are more per-package modules (the "Additional" block)
- session required pam_unix.so
- session optional pam_ck_connector.so nox11
- session required pam_limits.so
- # end of pam-auth-update config
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement